General

  • Target

    0acdf318a619734fb461ec57f4dafbe8eaa88e845b7185972d586142839f338d

  • Size

    458KB

  • Sample

    240328-v32v8acf78

  • MD5

    cb887a256aaaa2e732ee82f5dc9123fc

  • SHA1

    118845c21442129a3543ac48c681a0d72780682e

  • SHA256

    0acdf318a619734fb461ec57f4dafbe8eaa88e845b7185972d586142839f338d

  • SHA512

    4f6f4a1eb9ac45b4bdbb1c738995e98203dadb1ac65837e76a51806bf2a63d5bf5bf5c86adbb7519611824cbb68582df631bfac3fcccdbc8b41a0673e779cb3a

  • SSDEEP

    6144:d9lRIV9+AqVTknDF30pEiRv4HqFJFpMfZ/OC3oobyNuOrKx4/3rOrWxVmi:/PIV9+AqRA3AEiRv4HqFGoobDOr1RWi

Score
9/10

Malware Config

Targets

    • Detects executables containing SQL queries to confidential data stores. Observed in infostealers

    • Detects executables containing base64 encoded User Agent

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15